comphelper/source/container/embeddedobjectcontainer.cxx | 4 +++-
include/sal/log-areas.dox | 2 +-
svtools/source/misc/embedhlp.cxx | 13 ++++++++++---
3 files changed, 14 insertions(+), 5 deletions(-)
New commits:
commit 6aea0829f8650922f5422f2f2b2e432968d11b9b
Author: Michael Stahl <mst...@redhat.com>
Date: Wed Feb 11 14:42:51 2015 +0100
tdf#87303: svtools: relax the security a bit for embedded objects
CVE-2014-3575 was about updating linked objects, there is no security
issue with embedded objects so always allow updating the preview image
for them.
(regression from d005acae3aa315921f2c331612131626c470bd22)
Change-Id: I6e4d013ddf4fbe08c5968c680bbe143dd0473a4b
diff --git a/svtools/source/misc/embedhlp.cxx b/svtools/source/misc/embedhlp.cxx
index eb2aea4..5785701 100644
--- a/svtools/source/misc/embedhlp.cxx
+++ b/svtools/source/misc/embedhlp.cxx
@@ -44,6 +44,7 @@
#include <com/sun/star/embed/NoVisualAreaSizeException.hpp>
#include <com/sun/star/embed/XEmbeddedObject.hpp>
#include <com/sun/star/embed/XStateChangeListener.hpp>
+#include <com/sun/star/embed/XLinkageSupport.hpp>
#include <com/sun/star/datatransfer/XTransferable.hpp>
#include <com/sun/star/chart2/XDefaultSizeTransmitter.hpp>
#include <cppuhelper/implbase4.hxx>
@@ -604,15 +605,21 @@ SvStream* EmbeddedObjectRef::GetGraphicStream( bool
bUpdate ) const
if ( !xStream.is() )
{
SAL_INFO( "svtools.misc", "getting stream from object" );
- bool bUserAllowsLinkUpdate(true);
+ bool bUpdateAllowed(true);
const comphelper::EmbeddedObjectContainer* pContainer = GetContainer();
if(pContainer)
{
- bUserAllowsLinkUpdate = pContainer->getUserAllowsLinkUpdate();
+ uno::Reference<embed::XLinkageSupport> const xLinkage(
+ mpImpl->mxObj, uno::UNO_QUERY);
+ if (xLinkage.is() && xLinkage->isLink())
+ {
+ bUpdateAllowed = pContainer->getUserAllowsLinkUpdate();
+
+ }
}
- if(bUserAllowsLinkUpdate)
+ if (bUpdateAllowed)
{
// update wanted or no stream in container storage available
xStream = GetGraphicReplacementStream(mpImpl->nViewAspect,
mpImpl->mxObj, &mpImpl->aMediaType);
commit e81888278d953f6b283a489f28c36210c15f093e
Author: Michael Stahl <mst...@redhat.com>
Date: Wed Feb 11 14:42:13 2015 +0100
comphelper: add SAL_INFO for exception when graphic cannot be loaded
Change-Id: Ia0a4834987ae040a31e19276ece20b74b59ca445
diff --git a/comphelper/source/container/embeddedobjectcontainer.cxx
b/comphelper/source/container/embeddedobjectcontainer.cxx
index 376ba35..99a9686 100644
--- a/comphelper/source/container/embeddedobjectcontainer.cxx
+++ b/comphelper/source/container/embeddedobjectcontainer.cxx
@@ -1153,8 +1153,10 @@ uno::Reference < io::XInputStream >
EmbeddedObjectContainer::GetGraphicStream( c
}
}
}
- catch (const uno::Exception&)
+ catch (uno::Exception const& e)
{
+ SAL_INFO("comphelper.container",
+ "EmbeddedObjectContainer::GetGraphicStream(): exception: " <<
e.Message);
}
}
diff --git a/include/sal/log-areas.dox b/include/sal/log-areas.dox
index 2d38244..bf8f59b 100644
--- a/include/sal/log-areas.dox
+++ b/include/sal/log-areas.dox
@@ -85,7 +85,7 @@ certain functionality.
@section comphelper
@li @c comphelper
-@li @c comphelper.container
+@li @c comphelper.container - EmbeddedObjectContainer
@section cppu
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
